One might well ask: Why sign any "mutable" file?
The (rather inchoate) answer supplied in the original RFE for signing %config
files was (iiuc) 1) so that IMA policy can be written against %config files
and 2) so that %config files in a package will have an ima signature in an
xattr.

The same reasoning applies to %ghost files which are "owned" (with usual
perms/uid/gid metadata) by a package. The content of %ghost files is usually
generated in %buildroot using touch(1), so the appropriate signature for %ghost
files would be a signature on an empty (but "mutable") file.
The main reason for treating %ghost like empty %config files is to remove
special cases peculiar to rpm packaging that show up later as RFEs.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/374#issuecomment-364620067
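The rule described in the comment above (sign a %ghost file as if it were an empty %config file, and sign a %config file over its packaged content), written out as an added example; this is not code from the thread or from the rpm project. It assumes a plain sha256 hex digest as a stand-in for the hash an IMA signature actually covers, and the function names, flag names and file entries are constructed for illustration.

```python
import hashlib

# %files flags as a packager writes them in a spec (names constructed here).
CONFIG = "config"
GHOST = "ghost"

# sha256 of zero bytes: the digest an empty-file signature covers.
EMPTY_DIGEST = hashlib.sha256(b"").hexdigest()


def digest_to_sign(flags, buildroot_content):
    """Return the sha256 hex digest an IMA signature for this file would cover.

    A %ghost file is owned by the package (perms/uid/gid) but its content is
    produced later, so the signed content is the empty file no matter what
    touch(1) or anything else left in %buildroot.  A %config file is signed
    over its packaged (initial) content.  Real IMA signatures are asymmetric
    signatures over such a digest; the bare digest is a simplification.
    """
    if GHOST in flags:
        return EMPTY_DIGEST
    return hashlib.sha256(buildroot_content).hexdigest()


def classify_installed(flags, signed_digest, installed_content):
    """Describe what an appraiser sees for an installed file.

    'match'           - content still equals what was signed
    'mutable-changed' - %config/%ghost content differs, which is the expected
                        lifecycle of a mutable file, not evidence of tampering
    'mismatch'        - a non-mutable file differs from its signature
    """
    actual = hashlib.sha256(installed_content).hexdigest()
    if actual == signed_digest:
        return "match"
    if CONFIG in flags or GHOST in flags:
        return "mutable-changed"
    return "mismatch"


if __name__ == "__main__":
    # Constructed package entries: (path, flags, content found in %buildroot).
    entries = [
        ("/usr/bin/tool", set(), b"\x7fELF..."),
        ("/etc/tool.conf", {CONFIG}, b"level = 1\n"),
        ("/var/log/tool.log", {GHOST}, b""),  # created with touch(1)
    ]
    signed = {path: digest_to_sign(flags, data) for path, flags, data in entries}
    for path, digest in signed.items():
        print(f"{path}: sign over {digest[:16]}...")

    # After install the log grew and the admin edited the config; only the
    # binary changing would be an integrity failure.
    print(classify_installed({GHOST}, signed["/var/log/tool.log"], b"started\n"))
    print(classify_installed({CONFIG}, signed["/etc/tool.conf"], b"level = 2\n"))
    print(classify_installed(set(), signed["/usr/bin/tool"], b"\x7fELF!!!"))
```

The point the classification makes is the one behind the RFE: a signature on a mutable file does not promise the content stays fixed, it lets policy say "this path is package-owned and was signed by the packager", so an appraiser can distinguish an expected edit to %config or growth of a %ghost file from an unsigned or modified file.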